]]>Companies recognize the need for a cohesive cybersecurity solution to address all threat vectors across their entire landscape. However, many lack the deep understanding needed to implement and sustain solutions.

Business leader responses to the newDigital Transformation Index Studyhighlight security concerns as the #1 barrier impeding their digital transformation, moving up from 5th place in the 2016 study. Not surprisingly, business leaders cited security as their top technology investment over the next 1-3 years. They also identified lack of in-house skills and expertise as the #3 barrier to digital transformation.

Data from another recentGlobal Data Protection Index surveycorroborates these observations, especially around security. The survey shows that the number of businesses unable to recover data after an incident nearly doubled from 2016. Aside from infrastructure failure, the biggest threat identified in the survey is security breach.

Source: Global Protection Index, March 2019

As threats of information breach, hacking, data theft, and ransomware attacks increase, companies must equip their IT people with necessary skills, knowledge, and organized thinking. These abilities are essential to implementing effective cybersecurity solutions.

The most common representation of the NIST Framework includes five functions – Identify, Protect, Detect, Respond, and Recover. Each should be evaluated by organizations in pursuit of ongoing cyber resiliency. NIST has segmented the five functions into specific topics: categories, subcategories and informative references.

Organizations can use these functions and categories as a topical list of actions to consider as part of their security strategy. While these topics should be considered for implementation, there are many factors that will determine how these actions are implemented. Whether employing some, many or all, there is no right or wrong way to implement this framework.

The five functions represent the primary pillars of a successful and holistic cybersecurity program.

Protect

Supports the ability to limit or contain the impact of a potential cybersecurity event.

Detect

Helps organizations define the appropriate activities to identify the occurrence of a cybersecurity event.

Enables timely discovery of cybersecurity events.

Respond

Describes process, procedure and other activities to take when a cybersecurity incident is detected.

Supports the ability to contain and minimize the impact of a cybersecurity incident.

Recover

Helps organizations determine appropriate activities to maintain plans for resilience and to restore capabilities or services impaired due to a cybersecurity incident.

Supports timely recovery of normal operations to reduce the impact of a cybersecurity incident.

Comprehension of these terminologies, processes, frameworks and their components provide foundation of essential skills and knowledge. Adopting and implementing a framework ensures consistency for everything from language and terminology to process and procedure. When staff understand roles and responsibilities the result is increased preparedness and faster return to business as usual after an attack.

NIST Cybersecurity Courses and Certification

Introduction to IT Frameworks and NIST

Provides an overview of several different frameworks and their origins. This free online course also details the elements of the NIST Framework.

Implementing the NIST Cybersecurity Framework

Provides detailed coverage of the framework and uncovers the processes used to understand risk and prioritize and implement security goals in their environment.

Dell EMC Proven Professional Specialist Certification

Validates skills to implement the NIST framework components to drive improved cybersecurity practices into the data center, evaluate risk, and prioritize changes based on business needs and changes in the security landscape.

Do You Have What It Takes to Compete in the Digital Economy?

Discover the processes and methodologies used to integrate the NIST Cybersecurity Framework in your data center environment today by visiting Dell EMC Education Services for more details and to register for the courses.